Recent Posts
Follow Us
twittergoogle_pluslinkedinrssyoutube
The Legal Stuff
BT Policyholder Protection Blog
0 0

06 Sep 2016 Scott Godes Quoted in Law360’s “3 Tips For Manufacturers To Insure The Internet Of Things”

Scott Godes, partner and co-chair of the firm’s Data Security and Privacy Practice Group, was recently quoted in “3 Tips For Manufacturers To Insure The Internet Of Things,” published by Law360.   Law360 recently wrote an article about the risks that manufacturers of IoT products face in connection with cybersecurity and data privacy. In the article, Scott said: “You would hope as a cyberinsurance buyer that a privacy or network security incident would be covered under your policy, regardless of whether it is based on an internet of things incident or a more traditional infiltration of a network server.”   Read the full article here. Scott GodesScott N. Godes is a veteran trial lawyer with experience in insurance coverage matters and technology issues. He is a partner in…

READ MORE
0 0

17 May 2016 Does a CGL Insurance Policy Cover a Data Breach? The Fourth Circuit Says ‘Yes’

Introduction   If you have anything to do with cybersecurity, privacy, or insurance, you undoubtedly have heard that the U.S. Court of Appeals for the Fourth Circuit ruled in April that a Commercial General Liability (CGL) insurance policy provides coverage for a data breach, in the case Travelers Indemnity v. Portal Healthcare Solutions.  In the last few years, insurance companies have been marketing cyberinsurance policies as the product designed for cybersecurity and privacy risks.  So how could it be that a CGL insurance policy – which insurance company lawyers proclaim were not “meant” to cover data breaches – provides coverage for data breaches?  We discuss the well-reasoned Portal Healthcare decision, which bolsters policyholders’ rights to collect under CGL policies, below.   The first question when…

READ MORE
0 0

13 May 2016 Scott Godes Quoted in Law360, “4 Tips for Law Firms to Maximize Cyber Coverage”

Scott Godes, partner and co-chair of the firm’s Data Security and Privacy Practice Group, was recently quoted in “4 Tips for Law Firms to Maximize Cyber Coverage,” published by Law360.   The article notes that law firms handle a wide variety of confidential client data, and comments on the importance of having insurance to cover related risks.  The article gives tips about policy terms, conditions, and exclusions that, in a perfect world, law firms should think about when buying coverage.   Law360 asked Scott about using the cloud and outsourcing data storage and processing.  Scott is quoted saying, “To the extent a law firm is relying on cloud providers for storage, processing or some other service, ‘cloud’ or ‘outsourced support’ should be included in the…

READ MORE
0 0

26 Apr 2016 Does a CGL Insurance Policy Cover a Data Breach? The Fourth Circuit Says ‘Yes’

If you have anything to do with cybersecurity, privacy, or insurance, you undoubtedly have heard that the U.S. Court of Appeals for the Fourth Circuit ruled in April that a Commercial General Liability (CGL) insurance policy provides coverage for a data breach, in the case Travelers Indemnity v. Portal Healthcare Solutions.  In the last few years, insurance companies have been marketing cyber insurance policies as the product designed for cybersecurity and privacy risks.  So how could it be that a CGL insurance policy – which insurance company lawyers proclaim were not “meant” to cover data breaches – provides coverage for data breaches?  We discuss the well-reasoned Portal Healthcare decision, which bolsters policyholders’ rights to collect under CGL policies, below.   The first question when reviewing…

READ MORE
0 0

25 Apr 2016 Scott Godes quoted in Legaltech News Article “Cyberinsurance: A Necessary Protection in the Digital Era?”

Scott Godes, partner and co-chair of the firm’s Data Security and Privacy Practice Group, was recently quoted in a Legaltech News article, “Cyberinsurance: A Necessary Protection in the Digital Era?”   Between 2005 and 2015, more than 5,000 must-report data breach incidents were tracked; and since 2002, breach notification laws have been enacted in 47 states. Given the rising number of breaches and response costs, companies are turning to cyberinsurance for remediation.   Scott is quoted numerous times within the article, including one note stating, “A data breach, and several courts have agreed, particularly when the information is put online, involves the publication of materials that violates a person’s right to privacy. And yet, notwithstanding this good case law, for policyholders, insurance companies continue to…

READ MORE
0 0

15 Feb 2016 Scott Godes Quoted in Law360: Insurance article “Data ‘Privacy Shield’ Spurs Need for Cybersecurity Coverage”

  Scott Godes, partner and co-chair of the firm’s Data Security and Privacy Practice Group, was recently quoted in a Law360: Insurance article, “Data ‘Privacy Shield’ Spurs Need for Cybersecurity Coverage.”   The article talks about the recent “Privacy Shield” data transfer mechanism agreed to by European and U.S. officials and how it may have companies closely watching their insurance policies. The article discusses changing privacy risks and raises questions about insurance coverage for the evolving risks.   Scott is quoted multiple times in the article, including one note stating, “Policyholders should evaluate their regulatory coverage overall and be thoughtful about the coverage afforded under those policies. They should be thoughtful about the Privacy Shield and whether investigations and claims related to the new requirements…

READ MORE
0 0

27 Oct 2015 Scott Godes quoted in Law360 Article, “Privacy ‘Bill of Rights’ to Boost Demand for Breach Coverage”

Scott Godes, partner and co-chair of the firm’s Data Security and Privacy Practice Group, was recently quoted in a Law360 article, “Privacy ‘Bill of Rights’ to Boost Demand for Breach Coverage.”   The article highlights the recently introduced privacy bill of rights and changes to the regulatory environment that could change the cyberinsurance marketplace for  policyholders.   Scott is noted saying, “Cyberinsurance remains the Wild West of insurance. But with the changing regulatory environment, we’re starting to see changing prices and the market opening up and tightening up.”   Read the full article here. Scott GodesScott N. Godes is a veteran trial lawyer with experience in insurance coverage matters and technology issues. He is a partner in Barnes & Thornburg LLP’s Washington, D.C., office and…

READ MORE
0 0

08 Oct 2015 Regulation S-P Violation: Are You Prepared For A Cyber-Security Breach?

On Sept. 22, 2015, the Securities and Exchange Commission (SEC) announced the first violation by a registered investment advisor of the so-called Safeguards Rule (Regulation S-P) pertaining to the protection of personally identifiable information from cyber-attack. This is the first instance of the SEC enforcing Regulation S-P against an investment advisor.   The Regulation, broadly speaking, requires broker-dealers, investment advisers and other financial firms to protect confidential customer information from unauthorized release to unaffiliated third parties. Included in Regulation S-P is the “Safeguard Rule” (Rule 30(a)), which requires financial institutions to, among other things, adopt written policies and procedures reasonably designed to protect customer information against cyber-attacks.  This raises the question:  Are you prepared for a cyber-attack (and the attendant liability)?   In its findings,…

READ MORE
0 0

02 Oct 2015 Scott Godes Quoted in Law360 Article, “A Cyberattack Survival Guide for Policyholders”

Scott Godes, partner and co-chair of the firm’s Data Security and Privacy Practice Group, was recently quoted in Law360’s article, “A Cyberattack Survival Guide for Policyholders.” The article examines cybersecurity concerns companies face after massive data breaches and highlights issues such as card issuer liability, customer liability, and D&O litigation.   Scott is quoted multiple times within the article.  He notes that there is not a magic solution to preventing data breaches and cyberattacks, noting that many “large enterprises that were hit with data breaches” had been “certified as compliant with payment card security rules by a third party.” Scott then gives advice for buying and evaluating cyberinsurance policies and insurance towers for those risks.   Read the full article here. Scott GodesScott N. Godes…

READ MORE
0 0

17 Sep 2015 My Company Doesn’t Have Cyberinsurance: Where Do I Start?

Cyber risks and cyberinsurance are hot topics in almost every industry. However, many companies do not have cyberinsurance yet and often don’t know where to start or how to evaluate their cyber risks and need for coverage, let alone how to identify carriers and forms offering cyberinsurance. Business Insider recently reported that cyberinsurance will become a $7.5 billion dollar industry in the next five years. Here are five tips for getting started if your company does not have cyberinsurance:   Evaluate your needs   Every company has cyber risk. However, the potential impact of a cyber incident varies widely depending on your industry, type of customer, amount of and type of data you store electronically and your security systems. Talking to similar companies about whether…

READ MORE